Data access management for a composition
Abstract
Systems and methods provide a transient component limited access to data in a composition. One method includes receiving a request for the transient component to access data in the composition. The composition may include permanent components operable to utilize encryption keys generated at selected intervals from a seed value shared by the permanent components. The encryption keys utilized by the permanent components at each selected interval may be identical to one another. The method also includes generating a set of encryption keys from the seed value for a specified period of time. The set of encryption keys may be identical to the encryption keys to be utilized by the permanent components at the selected intervals to occur during the specified period of time. The method further includes granting the transient component access to data in the composition for the specified period of time via the set of encryption keys.
Claims
exact text as granted — not AI-modifiedWhat is claimed is:
1. A computer-implemented method for providing a transient component limited access to data in a composition, comprising:
receiving an encryption key at each of a plurality of intervals from a seed value shared by a plurality of permanent components, wherein a permanent component comprises a component having access to one composition, wherein the composition comprises a group of components that form a desired computing system;
receiving a request for the transient component to access data in the composition, wherein the transient component comprises a component having access to a plurality of compositions and having limited access to the seed value;
generating a matching encryption key at selected intervals of the plurality of intervals to be utilized at the transient component, wherein each matching encryption key is identical to the encryption key received for the interval;
providing the matching encryption keys to the transient component during the selected intervals; and
granting the transient component access to data in the composition for the specified period of time via the set of encryption keys.
2. The computer-implemented method of claim 1 , wherein the transient component is communicatively coupled to at least one other composition.
3. The computer-implemented method of claim 2 , wherein the composition is a first server, and the at least one other composition includes a second server.
4. The computer-implemented method of claim 1 , further comprising:
denying the transient component access to data in the composition outside of the specified period of time.
5. The computer-implemented method of claim 1 , further comprising:
during the specified period of time, generating, via the plurality of permanent components or a processor communicatively coupled to each of the permanent components, the encryption keys at the plurality of intervals occurring during the specified period of time.
6. The computer-implemented method of claim 5 , wherein:
the processor is communicatively coupled to the transient component; and
the processor is operable to generate the set of encryption keys from the seed value for the specified period of time.
7. The computer-implemented method of claim 6 , further comprising:
transmitting the set of encryption keys to the transient component from the processor;
utilizing, concurrently, a first encryption key of the set of encryption keys from the transient component and a first encryption key of the plurality of permanent components at a first of the plurality of intervals occurring during the specified period of time, the first encryption key of the set of encryption keys and the first encryption key of the plurality of permanent components being identical to one another; and
utilizing, concurrently, a second encryption key of the set of encryption keys from the transient component and a second encryption key of the plurality of permanent components at a second of the plurality of intervals occurring during the specified period of time, the second encryption key of the set of encryption keys and the second encryption key of the plurality of permanent components being identical to one another.
8. The computer-implemented method of claim 5 , wherein generating the set of encryption keys from the seed value for the specified period of time is carried out prior to the specified period of time.
9. The computer-implemented method of claim 1 , wherein:
the permanent components are communicatively coupled with one another via a network; and
the permanent components and the transient component are communicatively coupled during the specified period of time via the network.
10. A data access management system comprising:
a network interface;
a non-transitory computer-readable medium; and
one or more processors, communicatively coupled to the non-transitory computer-readable medium and the network interface, wherein the non-transitory computer-readable medium stores instructions, that when executed by the one or more processors, cause the one or more processors to:
receive an encryption key at each of a plurality of intervals from a seed value shared by a plurality of permanent components, wherein a permanent component comprises a component having access to one composition, wherein the composition comprises a group of components that form a desired computing system;
receive a request for the transient component to access data in the composition, wherein the transient component comprises a component having access to a plurality of compositions and having limited access to the seed value;
generate a matching encryption key at selected intervals of the plurality of intervals to be utilized at the transient component, wherein each matching encryption key is identical to the encryption key received for the interval;
provide the matching encryption keys to the transient component during the selected intervals; and
grant the transient component access to data in the composition for the specified period of time via the set of encryption keys.
11. The data access management system of claim 10 , wherein the non-transitory computer-readable medium stores instructions, that when executed by the one or more processors, further cause the one or more processors to:
deny the first component access to data in the composition outside of the specified period of time.
12. The data access management system of claim 10 , wherein the first component is communicatively coupled to at least one other composition.
13. The data access management system of claim 12 , wherein the composition is a first server, and the at least one other composition includes a second server.
14. The data access management system of claim 13 , wherein:
the second components are communicatively coupled with one another via a network; and
the second components and the first component are communicatively coupled during the specified period of time via the network.
15. The data access management system of claim 10 , wherein the second components are granted access to data in the composition outside of the specified period of time.
16. The data access management system of claim 10 , wherein the non-transitory computer-readable medium stores instructions, that when executed by the one or more processors, further cause the one or more processors to:
generate the encryption keys utilized by the second components at the plurality of intervals occurring during the specified period of time.
17. The data access management system of claim 10 , wherein the instructions, that when executed by the one or more processors, further cause the one or more processors to generate the set of encryption keys prior to the specified period of time.
18. A non-transitory computer-readable medium comprising computer executable instructions stored, which when executed, cause a processor to:
receive an encryption key at each of a plurality of intervals from a seed value shared by a plurality of permanent components, wherein a permanent component comprises a component having access to one composition, wherein the composition comprises a group of components that form a desired computing system;
receive a request for the transient component to access data in the composition, wherein the transient component comprises a component having access to a plurality of compositions and having limited access to the seed value;
generate a matching encryption key at selected intervals of the plurality of intervals to be utilized at the transient component, wherein each matching encryption key is identical to the encryption key received for the interval;
provide the matching encryption keys to the transient component during the selected intervals; and
grant the transient component access to data in the composition for the specified period of time via the set of encryption keys.
19. The non-transitory computer-readable medium of claim 18 , wherein the instructions stored, which when executed, further cause the processor to:
deny the first component access to data in the composition outside of the specified period of time; and
grant the plurality of second components access to data in the composition outside of the specified period of time.
20. The non-transitory computer-readable medium of claim 19 , wherein:
the first component is communicatively coupled to at least one other composition;
the composition is a first server, and the at least one other composition includes a second server;
the plurality of second components are communicatively coupled with one another via a network; and
the plurality of second components and the first component are communicatively coupled during the specified period of time via the network.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.